公开(公告)号：US09979716B2

公开(公告)日：2018-05-22

申请号：US13638300

申请日：2010-04-01

Applicant: Robert Seidl ,  Norbert Goetze ,  Markus Bauer-Hermann

Inventor： Robert Seidl ,  Norbert Goetze ,  Markus Bauer-Hermann

IPC: H04L29/06 ,  H04L9/00 ,  H04L9/32

CPC classification number: H04L63/0823 ,  H04L9/006 ,  H04L9/3268 ,  H04L63/102

Abstract: A protocol for issuing and controlling digital certificates is described in which an identity management system is used to identify a user requesting a digital certificate and is also used to issue the digital certificate itself. Accordingly, an IDM-based PKI system is provided.

公开(公告)号：US20120311663A1

公开(公告)日：2012-12-06

申请号：US13577053

申请日：2010-02-05

Applicant: Robert Seidl ,  Joerg Abendroth ,  Gerald Meyer ,  Markus Bauer-Hermann

Inventor： Robert Seidl ,  Joerg Abendroth ,  Gerald Meyer ,  Markus Bauer-Hermann

IPC: G06F21/00

CPC classification number: H04L63/0815 ,  G06F21/41 ,  G06F2221/2115 ,  H04L63/102 ,  H04L63/20

Abstract: The present invention relates to an improved identity management in which a first authentication request is received from a service provider where the first authentication request requests authentication attributes relating to a user. A second authentication request is transmitted to an identity provider and a first authentication response is received from the identity provider wherein the first authentication response includes at least one authentication attribute relating to said user. At least one predefined policy is applied to the first authentication response to generate a second authentication response and the second authentication response is transmitted to the service provider.

Abstract translation: 本发明涉及一种改进的身份管理，其中从服务提供商接收到第一认证请求，其中第一认证请求请求与用户相关的认证属性。 第二认证请求被发送到身份提供者，并且从身份提供者接收第一认证响应，其中第一认证响应包括与所述用户相关的至少一个认证属性。 至少一个预定义策略被应用于第一认证响应以产生第二认证响应，并且将第二认证响应发送到服务提供商。

公开(公告)号：US20110289567A1

公开(公告)日：2011-11-24

申请号：US13128244

申请日：2008-12-30

Applicant: Markus Bauer-Hermann ,  Gerald Meyer ,  Robert Seidl

Inventor： Markus Bauer-Hermann ,  Gerald Meyer ,  Robert Seidl

IPC: H04L9/32

CPC classification number: H04L63/0853 ,  G06F21/34

Abstract: A USB memory stick, or similar device, is provided having software installed thereon to enable a user to access restricted applications without a user device needing to handle user credential data. In use, the stick receives a request from the user device for access to an application, obtains first user identification information from the user device, uses the first user identification information and the application information to obtain user credentials from an identity management system, which user credentials are required by the application in order to grant the user access to the application, and provides the user credentials to the application without the user credentials needing to be provided to the user device.

Abstract translation: 提供了一种USB记忆棒或类似设备，其上安装有软件，以使得用户能够访问受限制的应用，而不需要处理用户凭证数据的用户设备。 在使用中，棒从用户设备接收用于访问应用的请求，从用户设备获取第一用户标识信息，使用第一用户标识信息和应用信息从身份管理系统获得用户凭证，哪个用户 应用程序需要凭证才能授予用户对应用程序的访问权限，并将用户凭据提供给应用程序，而不需要将用户凭据提供给用户设备。

公开(公告)号：US20150127771A1

公开(公告)日：2015-05-07

申请号：US14397917

申请日：2012-05-08

Applicant: Markus Bauer-Hermann ,  Robert Seidl ,  Stefan Baur

Inventor： Markus Bauer-Hermann ,  Robert Seidl ,  Stefan Baur

IPC: H04L29/08

Abstract: A method includes causing a first request to be sent; receiving a response to said request including a script; causing a second request to be sent including parameter information; running said script to determine type information associated with said parameter information; and causing said type information to be sent.

Abstract translation: 一种方法包括：使第一请求发送; 接收对所述请求的响应，包括脚本; 导致发送包括参数信息的第二请求; 运行所述脚本以确定与所述参数信息相关联的类型信息; 并导致所述类型信息被发送。

公开(公告)号：US20140237351A1

公开(公告)日：2014-08-21

申请号：US14240044

申请日：2011-08-24

Applicant: Robert Seidl ,  Gerald Meyer ,  Markus Bauer-Hermann

Inventor： Robert Seidl ,  Gerald Meyer ,  Markus Bauer-Hermann

IPC: G06F17/22

CPC classification number: G06F17/2247 ,  G06F16/9577 ,  H04L67/02

Abstract: The present invention relates to application program control, in which a browser 203 receives content 208 from a server 205 and, based on the browser content, transmit a request 209 to a port on a device 202. A response is received 211 to the request from an application 204 associated with the port which indicates that the application 204 is triggered. A second request is transmitted 217 to the port on the device 202 to indicate to the application 204 that the browser 203 will handover control, at least in part, of the device 202 to the application 204.

Abstract translation: 本发明涉及应用程序控制，其中浏览器203从服务器205接收内容208，并且基于浏览器内容将请求209发送到设备202上的端口。响应被接收到211的请求 与端口相关联的指示应用程序204被触发的应用程序204。 第二请求被发送217到设备202上的端口，以向应用程序204指示浏览器203将至少部分地将设备202切换到应用程序204。

公开(公告)号：US08683604B2

公开(公告)日：2014-03-25

申请号：US13378447

申请日：2009-06-30

Applicant: Joerg Abendroth ,  Markus Bauer-Hermann ,  Robert Seidl

Inventor： Joerg Abendroth ,  Markus Bauer-Hermann ,  Robert Seidl

IPC: H04N7/16

CPC classification number: H04L63/0407 ,  G06F21/6254

Abstract: A method of providing data in response to a search request comprises the steps of a social networking website receiving the search request to provide a pseudonym associated with the real name; the social networking website determining that the search request is for a pseudonym which, within its database, is not associated with the real name; the social networking website referring the search request to a identity management server which contains an association between the pseudonym and the real name; the identity management server determining the pseudonym which is associated with the real name; and the identity management server providing an information item which is related to the pseudonym.

Abstract translation: 响应于搜索请求提供数据的方法包括以下步骤：社交网站接收搜索请求以提供与真实姓名相关联的假名; 社交网站确定搜索请求是在其数据库内与实名不相关联的假名; 所述社交网站将所述搜索请求引用到包含所述假名和所述真实姓名之间的关联的身份管理服务器; 身份管理服务器确定与真实姓名相关联的假名; 身份管理服务器提供与假名有关的信息项。

公开(公告)号：US20120240210A1

公开(公告)日：2012-09-20

申请号：US13511192

申请日：2009-11-23

Applicant: Robert Seidl ,  Joerg Abendroth ,  Markus Bauer-Hermann

Inventor： Robert Seidl ,  Joerg Abendroth ,  Markus Bauer-Hermann

IPC: G06F21/00

CPC classification number: H04L63/102 ,  G06F21/40 ,  H04L63/0815

Abstract: The invention enables a user to use single-sign-on methodologies to obtain access to a service where that user has more than one account. In addition to querying an identity provider to obtain user credentials in the usual way, the invention enables an application to request and obtain further credentials for that user in order to enable the user to gain access to the desired user account. The user may then be prompted to select which of the available accounts should be used at the application.

Abstract translation: 本发明使得用户能够使用单一登录方法来获得对该用户具有多个帐户的服务的访问。 除了以通常的方式查询身份提供商以获得用户凭证之外，本发明使得应用程序能够请求并获得该用户的进一步凭证，以使得用户能够访问期望的用户帐户。 然后可以提示用户选择在应用程序中应该使用哪些可用帐户。

公开(公告)号：US20120110677A1

公开(公告)日：2012-05-03

申请号：US13378447

申请日：2009-06-30

Applicant: Joerg Abendroth ,  Markus Bauer-Hermann ,  Robert Seidl

Inventor： Joerg Abendroth ,  Markus Bauer-Hermann ,  Robert Seidl

IPC: G06F21/00

CPC classification number: H04L63/0407 ,  G06F21/6254

Abstract: A method of providing data in response to a search request comprises the steps of a social networking website receiving the search request to provide a pseudonym associated with the real name; the social networking website determining that the search request is for a pseudonym which, within its database, is not associated with the real name; the social networking website referring the search request to a identity management server which contains an association between the pseudonym and the real name; the identity management server determining the pseudonym which is associated with the real name; and the identity management server providing an information item which is related to the pseudonym.

Abstract translation: 响应于搜索请求提供数据的方法包括以下步骤：社交网站接收搜索请求以提供与真实姓名相关联的假名; 社交网站确定搜索请求是在其数据库内与实名不相关联的假名; 所述社交网站将所述搜索请求引用到包含所述假名和所述真实姓名之间的关联的身份管理服务器; 身份管理服务器确定与真实姓名相关联的假名; 身份管理服务器提供与假名有关的信息项。

公开(公告)号：US20110289573A1

公开(公告)日：2011-11-24

申请号：US13144970

申请日：2010-02-05

Applicant: Robert Seidl ,  Gabor Marton ,  Markus Bauer-Hermann

Inventor： Robert Seidl ,  Gabor Marton ,  Markus Bauer-Hermann

IPC: H04L9/32 ,  G06F21/00

CPC classification number: H04L63/0815 ,  H04L63/0853 ,  H04L63/18 ,  H04W12/06

Abstract: An arrangement for authenticating a user at a service provider is described. The arrangement makes use of the fact that a user of a mobile communication device can be readily and securely identified by a telecommunications provider and re-uses that authentication to identify the same user when accessing the service provider from a different client. The client instructs the mobile communication device to contact an identity provider at the telecommunications provider and shared secrets are exchanged between the identity provider, mobile communication device and client to confirm that the same user is at the client and the mobile communication device.

Abstract translation: 描述了用于在服务提供商处认证用户的装置。 该安排利用移动通信设备的用户可以由电信提供商容易且安全地识别的事实，并且当从不同的客户端访问服务提供商时重新使用该认证来识别相同的用户。 客户端指示移动通信设备联系电信提供商的身份提供商，并且在身份提供商，移动通信设备和客户端之间交换共享的秘密，以确认相同的用户在客户端和移动通信设备。

公开(公告)号：US20110265169A1

公开(公告)日：2011-10-27

申请号：US13130908

申请日：2008-12-30

Applicant: Markus BAUER-HERMANN ,  Gerald MEYER ,  Robert SEIDL

Inventor： Markus BAUER-HERMANN ,  Gerald MEYER ,  Robert SEIDL

IPC: H04L9/32 ,  G06F15/16

CPC classification number: H04L67/16 ,  G06F16/9535 ,  H04L67/42

Abstract: A gateway is provided between an application and a server. The gateway is used to modify content sent from the server to the application via the gateway. The modification may include adding, removing or modifying content. The modification process is user-dependent and an identity management system is used for identifying the user.

Abstract translation: 在应用程序和服务器之间提供网关。 网关用于通过网关修改从服务器发送到应用程序的内容。 该修改可以包括添加，删除或修改内容。 修改过程是用户依赖的，身份管理系统用于识别用户。